Varnish and SSL

Some believe a missing feature of Varnish is the lack of SSL support. There are many good reasons why Varnish doesn’t support SSL, and there are of course ways to work around this. I’ve used Pound myself for this task, a light-weight reverse proxy, load balancer and HTTPS front-end that serves as a SSL-capable proxy in front of Varnish. A side note is that your application backend won’t have any idea that the initial request was sent on a secure socket. Therefor it’s a good idea to let Pound add a header describing the initial protocol. There are more details and configuration examples of how this could work when combined with a Plone backend.


Follow

Get every new post delivered to your Inbox.